CVE-2007-3920

critical

Description

GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

References

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10192

https://exchange.xforce.ibmcloud.com/vulnerabilities/37410

https://bugzilla.redhat.com/show_bug.cgi?id=363061

https://bugzilla.redhat.com/show_bug.cgi?id=357071

http://www.ubuntu.com/usn/usn-537-2

http://www.ubuntu.com/usn/usn-537-1

http://www.securityfocus.com/bid/26188

http://www.redhat.com/support/errata/RHSA-2008-0485.html

http://secunia.com/advisories/30715

http://secunia.com/advisories/30329

http://secunia.com/advisories/28627

http://secunia.com/advisories/27381

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html

Details

Source: Mitre, NVD

Published: 2007-10-29

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 6.2

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Severity: Critical

EPSS

EPSS: 0.00051

Detections

Analytics